src/ZF/Constructible/Reflection.thy
author wenzelm
Fri Apr 23 23:35:43 2010 +0200 (2010-04-23)
changeset 36319 8feb2c4bef1a
parent 32960 69916a850301
child 46823 57bf0cecb366
permissions -rw-r--r--
mark schematic statements explicitly;
paulson@13505
     1
(*  Title:      ZF/Constructible/Reflection.thy
paulson@13505
     2
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@13505
     3
*)
paulson@13505
     4
paulson@13223
     5
header {* The Reflection Theorem*}
paulson@13223
     6
haftmann@16417
     7
theory Reflection imports Normal begin
paulson@13223
     8
paulson@13223
     9
lemma all_iff_not_ex_not: "(\<forall>x. P(x)) <-> (~ (\<exists>x. ~ P(x)))";
paulson@13223
    10
by blast
paulson@13223
    11
paulson@13223
    12
lemma ball_iff_not_bex_not: "(\<forall>x\<in>A. P(x)) <-> (~ (\<exists>x\<in>A. ~ P(x)))";
paulson@13223
    13
by blast
paulson@13223
    14
paulson@13223
    15
text{*From the notes of A. S. Kechris, page 6, and from 
paulson@13223
    16
      Andrzej Mostowski, \emph{Constructible Sets with Applications},
paulson@13223
    17
      North-Holland, 1969, page 23.*}
paulson@13223
    18
paulson@13223
    19
paulson@13223
    20
subsection{*Basic Definitions*}
paulson@13223
    21
paulson@13223
    22
text{*First part: the cumulative hierarchy defining the class @{text M}.  
paulson@13223
    23
To avoid handling multiple arguments, we assume that @{text "Mset(l)"} is
paulson@13223
    24
closed under ordered pairing provided @{text l} is limit.  Possibly this
paulson@13223
    25
could be avoided: the induction hypothesis @{term Cl_reflects} 
paulson@13223
    26
(in locale @{text ex_reflection}) could be weakened to
paulson@13223
    27
@{term "\<forall>y\<in>Mset(a). \<forall>z\<in>Mset(a). P(<y,z>) <-> Q(a,<y,z>)"}, removing most
paulson@13223
    28
uses of @{term Pair_in_Mset}.  But there isn't much point in doing so, since 
paulson@13223
    29
ultimately the @{text ex_reflection} proof is packaged up using the
paulson@13223
    30
predicate @{text Reflects}.
paulson@13223
    31
*}
wenzelm@13428
    32
locale reflection =
paulson@13223
    33
  fixes Mset and M and Reflects
paulson@13223
    34
  assumes Mset_mono_le : "mono_le_subset(Mset)"
paulson@13223
    35
      and Mset_cont    : "cont_Ord(Mset)"
paulson@13223
    36
      and Pair_in_Mset : "[| x \<in> Mset(a); y \<in> Mset(a); Limit(a) |] 
paulson@13223
    37
                          ==> <x,y> \<in> Mset(a)"
paulson@13563
    38
  defines "M(x) == \<exists>a. Ord(a) & x \<in> Mset(a)"
paulson@13563
    39
      and "Reflects(Cl,P,Q) == Closed_Unbounded(Cl) &
paulson@13223
    40
                              (\<forall>a. Cl(a) --> (\<forall>x\<in>Mset(a). P(x) <-> Q(a,x)))"
paulson@13223
    41
  fixes F0 --{*ordinal for a specific value @{term y}*}
paulson@13223
    42
  fixes FF --{*sup over the whole level, @{term "y\<in>Mset(a)"}*}
paulson@13223
    43
  fixes ClEx --{*Reflecting ordinals for the formula @{term "\<exists>z. P"}*}
skalberg@14171
    44
  defines "F0(P,y) == \<mu> b. (\<exists>z. M(z) & P(<y,z>)) --> 
paulson@13223
    45
                               (\<exists>z\<in>Mset(b). P(<y,z>))"
paulson@13223
    46
      and "FF(P)   == \<lambda>a. \<Union>y\<in>Mset(a). F0(P,y)"
paulson@13563
    47
      and "ClEx(P,a) == Limit(a) & normalize(FF(P),a) = a"
paulson@13223
    48
paulson@13223
    49
lemma (in reflection) Mset_mono: "i\<le>j ==> Mset(i) <= Mset(j)"
paulson@13223
    50
apply (insert Mset_mono_le) 
paulson@13223
    51
apply (simp add: mono_le_subset_def leI) 
paulson@13223
    52
done
paulson@13223
    53
paulson@13434
    54
text{*Awkward: we need a version of @{text ClEx_def} as an equality
paulson@13434
    55
      at the level of classes, which do not really exist*}
paulson@13434
    56
lemma (in reflection) ClEx_eq:
paulson@13563
    57
     "ClEx(P) == \<lambda>a. Limit(a) & normalize(FF(P),a) = a"
paulson@13434
    58
by (simp add: ClEx_def [symmetric]) 
paulson@13434
    59
paulson@13434
    60
paulson@13223
    61
subsection{*Easy Cases of the Reflection Theorem*}
paulson@13223
    62
paulson@13223
    63
theorem (in reflection) Triv_reflection [intro]:
paulson@13223
    64
     "Reflects(Ord, P, \<lambda>a x. P(x))"
paulson@13223
    65
by (simp add: Reflects_def)
paulson@13223
    66
paulson@13223
    67
theorem (in reflection) Not_reflection [intro]:
paulson@13223
    68
     "Reflects(Cl,P,Q) ==> Reflects(Cl, \<lambda>x. ~P(x), \<lambda>a x. ~Q(a,x))"
paulson@13268
    69
by (simp add: Reflects_def) 
paulson@13223
    70
paulson@13223
    71
theorem (in reflection) And_reflection [intro]:
paulson@13223
    72
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |] 
paulson@13563
    73
      ==> Reflects(\<lambda>a. Cl(a) & C'(a), \<lambda>x. P(x) & P'(x), 
paulson@13563
    74
                                      \<lambda>a x. Q(a,x) & Q'(a,x))"
paulson@13223
    75
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    76
paulson@13223
    77
theorem (in reflection) Or_reflection [intro]:
paulson@13223
    78
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |] 
paulson@13563
    79
      ==> Reflects(\<lambda>a. Cl(a) & C'(a), \<lambda>x. P(x) | P'(x), 
paulson@13563
    80
                                      \<lambda>a x. Q(a,x) | Q'(a,x))"
paulson@13223
    81
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    82
paulson@13223
    83
theorem (in reflection) Imp_reflection [intro]:
paulson@13223
    84
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |] 
paulson@13563
    85
      ==> Reflects(\<lambda>a. Cl(a) & C'(a), 
paulson@13223
    86
                   \<lambda>x. P(x) --> P'(x), 
paulson@13223
    87
                   \<lambda>a x. Q(a,x) --> Q'(a,x))"
paulson@13223
    88
by (simp add: Reflects_def Closed_Unbounded_Int, blast)
paulson@13223
    89
paulson@13223
    90
theorem (in reflection) Iff_reflection [intro]:
paulson@13223
    91
     "[| Reflects(Cl,P,Q); Reflects(C',P',Q') |] 
paulson@13563
    92
      ==> Reflects(\<lambda>a. Cl(a) & C'(a), 
paulson@13223
    93
                   \<lambda>x. P(x) <-> P'(x), 
paulson@13223
    94
                   \<lambda>a x. Q(a,x) <-> Q'(a,x))"
paulson@13223
    95
by (simp add: Reflects_def Closed_Unbounded_Int, blast) 
paulson@13223
    96
paulson@13223
    97
subsection{*Reflection for Existential Quantifiers*}
paulson@13223
    98
paulson@13223
    99
lemma (in reflection) F0_works:
paulson@13223
   100
     "[| y\<in>Mset(a); Ord(a); M(z); P(<y,z>) |] ==> \<exists>z\<in>Mset(F0(P,y)). P(<y,z>)"
paulson@13223
   101
apply (unfold F0_def M_def, clarify)
paulson@13223
   102
apply (rule LeastI2)
paulson@13223
   103
  apply (blast intro: Mset_mono [THEN subsetD])
paulson@13223
   104
 apply (blast intro: lt_Ord2, blast)
paulson@13223
   105
done
paulson@13223
   106
paulson@13223
   107
lemma (in reflection) Ord_F0 [intro,simp]: "Ord(F0(P,y))"
paulson@13223
   108
by (simp add: F0_def)
paulson@13223
   109
paulson@13223
   110
lemma (in reflection) Ord_FF [intro,simp]: "Ord(FF(P,y))"
paulson@13223
   111
by (simp add: FF_def)
paulson@13223
   112
paulson@13223
   113
lemma (in reflection) cont_Ord_FF: "cont_Ord(FF(P))"
paulson@13223
   114
apply (insert Mset_cont)
paulson@13223
   115
apply (simp add: cont_Ord_def FF_def, blast)
paulson@13223
   116
done
paulson@13223
   117
paulson@13223
   118
text{*Recall that @{term F0} depends upon @{term "y\<in>Mset(a)"}, 
paulson@13223
   119
while @{term FF} depends only upon @{term a}. *}
paulson@13223
   120
lemma (in reflection) FF_works:
paulson@13223
   121
     "[| M(z); y\<in>Mset(a); P(<y,z>); Ord(a) |] ==> \<exists>z\<in>Mset(FF(P,a)). P(<y,z>)"
paulson@13223
   122
apply (simp add: FF_def)
paulson@13223
   123
apply (simp_all add: cont_Ord_Union [of concl: Mset] 
paulson@13223
   124
                     Mset_cont Mset_mono_le not_emptyI Ord_F0)
paulson@13223
   125
apply (blast intro: F0_works)  
paulson@13223
   126
done
paulson@13223
   127
paulson@13223
   128
lemma (in reflection) FFN_works:
paulson@13223
   129
     "[| M(z); y\<in>Mset(a); P(<y,z>); Ord(a) |] 
paulson@13223
   130
      ==> \<exists>z\<in>Mset(normalize(FF(P),a)). P(<y,z>)"
paulson@13223
   131
apply (drule FF_works [of concl: P], assumption+) 
paulson@13223
   132
apply (blast intro: cont_Ord_FF le_normalize [THEN Mset_mono, THEN subsetD])
paulson@13223
   133
done
paulson@13223
   134
paulson@13223
   135
paulson@13223
   136
text{*Locale for the induction hypothesis*}
paulson@13223
   137
wenzelm@13428
   138
locale ex_reflection = reflection +
paulson@13223
   139
  fixes P  --"the original formula"
paulson@13223
   140
  fixes Q  --"the reflected formula"
paulson@13223
   141
  fixes Cl --"the class of reflecting ordinals"
paulson@13223
   142
  assumes Cl_reflects: "[| Cl(a); Ord(a) |] ==> \<forall>x\<in>Mset(a). P(x) <-> Q(a,x)"
paulson@13223
   143
paulson@13223
   144
lemma (in ex_reflection) ClEx_downward:
paulson@13223
   145
     "[| M(z); y\<in>Mset(a); P(<y,z>); Cl(a); ClEx(P,a) |] 
paulson@13223
   146
      ==> \<exists>z\<in>Mset(a). Q(a,<y,z>)"
paulson@13223
   147
apply (simp add: ClEx_def, clarify) 
paulson@13223
   148
apply (frule Limit_is_Ord) 
paulson@13223
   149
apply (frule FFN_works [of concl: P], assumption+) 
paulson@13223
   150
apply (drule Cl_reflects, assumption+) 
paulson@13223
   151
apply (auto simp add: Limit_is_Ord Pair_in_Mset)
paulson@13223
   152
done
paulson@13223
   153
paulson@13223
   154
lemma (in ex_reflection) ClEx_upward:
paulson@13223
   155
     "[| z\<in>Mset(a); y\<in>Mset(a); Q(a,<y,z>); Cl(a); ClEx(P,a) |] 
paulson@13563
   156
      ==> \<exists>z. M(z) & P(<y,z>)"
paulson@13223
   157
apply (simp add: ClEx_def M_def)
paulson@13223
   158
apply (blast dest: Cl_reflects
wenzelm@32960
   159
             intro: Limit_is_Ord Pair_in_Mset)
paulson@13223
   160
done
paulson@13223
   161
paulson@13223
   162
text{*Class @{text ClEx} indeed consists of reflecting ordinals...*}
paulson@13223
   163
lemma (in ex_reflection) ZF_ClEx_iff:
paulson@13223
   164
     "[| y\<in>Mset(a); Cl(a); ClEx(P,a) |] 
paulson@13563
   165
      ==> (\<exists>z. M(z) & P(<y,z>)) <-> (\<exists>z\<in>Mset(a). Q(a,<y,z>))"
paulson@13223
   166
by (blast intro: dest: ClEx_downward ClEx_upward) 
paulson@13223
   167
paulson@13223
   168
text{*...and it is closed and unbounded*}
paulson@13223
   169
lemma (in ex_reflection) ZF_Closed_Unbounded_ClEx:
paulson@13223
   170
     "Closed_Unbounded(ClEx(P))"
paulson@13434
   171
apply (simp add: ClEx_eq)
paulson@13223
   172
apply (fast intro: Closed_Unbounded_Int Normal_imp_fp_Closed_Unbounded
paulson@13223
   173
                   Closed_Unbounded_Limit Normal_normalize)
paulson@13223
   174
done
paulson@13223
   175
paulson@13223
   176
text{*The same two theorems, exported to locale @{text reflection}.*}
paulson@13223
   177
paulson@13223
   178
text{*Class @{text ClEx} indeed consists of reflecting ordinals...*}
paulson@13223
   179
lemma (in reflection) ClEx_iff:
paulson@13223
   180
     "[| y\<in>Mset(a); Cl(a); ClEx(P,a);
paulson@13223
   181
        !!a. [| Cl(a); Ord(a) |] ==> \<forall>x\<in>Mset(a). P(x) <-> Q(a,x) |] 
paulson@13563
   182
      ==> (\<exists>z. M(z) & P(<y,z>)) <-> (\<exists>z\<in>Mset(a). Q(a,<y,z>))"
paulson@13223
   183
apply (unfold ClEx_def FF_def F0_def M_def)
wenzelm@13428
   184
apply (rule ex_reflection.ZF_ClEx_iff
wenzelm@13428
   185
  [OF ex_reflection.intro, OF reflection.intro ex_reflection_axioms.intro,
wenzelm@13428
   186
    of Mset Cl])
wenzelm@13428
   187
apply (simp_all add: Mset_mono_le Mset_cont Pair_in_Mset)
paulson@13223
   188
done
paulson@13223
   189
paulson@13434
   190
(*Alternative proof, less unfolding:
paulson@13434
   191
apply (rule Reflection.ZF_ClEx_iff [of Mset _ _ Cl, folded M_def])
paulson@13434
   192
apply (fold ClEx_def FF_def F0_def)
paulson@13434
   193
apply (rule ex_reflection.intro, assumption)
paulson@13434
   194
apply (simp add: ex_reflection_axioms.intro, assumption+)
paulson@13434
   195
*)
paulson@13434
   196
paulson@13223
   197
lemma (in reflection) Closed_Unbounded_ClEx:
paulson@13223
   198
     "(!!a. [| Cl(a); Ord(a) |] ==> \<forall>x\<in>Mset(a). P(x) <-> Q(a,x))
paulson@13223
   199
      ==> Closed_Unbounded(ClEx(P))"
paulson@13434
   200
apply (unfold ClEx_eq FF_def F0_def M_def) 
wenzelm@21232
   201
apply (rule ex_reflection.ZF_Closed_Unbounded_ClEx [of Mset _ _ Cl])
wenzelm@23464
   202
apply (rule ex_reflection.intro, rule reflection_axioms)
paulson@13434
   203
apply (blast intro: ex_reflection_axioms.intro)
paulson@13223
   204
done
paulson@13223
   205
paulson@13292
   206
subsection{*Packaging the Quantifier Reflection Rules*}
paulson@13292
   207
paulson@13223
   208
lemma (in reflection) Ex_reflection_0:
paulson@13223
   209
     "Reflects(Cl,P0,Q0) 
paulson@13563
   210
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(P0,a), 
paulson@13563
   211
                   \<lambda>x. \<exists>z. M(z) & P0(<x,z>), 
paulson@13223
   212
                   \<lambda>a x. \<exists>z\<in>Mset(a). Q0(a,<x,z>))" 
paulson@13223
   213
apply (simp add: Reflects_def) 
paulson@13223
   214
apply (intro conjI Closed_Unbounded_Int)
paulson@13223
   215
  apply blast 
wenzelm@13382
   216
 apply (rule Closed_Unbounded_ClEx [of Cl P0 Q0], blast, clarify) 
paulson@13223
   217
apply (rule_tac Cl=Cl in  ClEx_iff, assumption+, blast) 
paulson@13223
   218
done
paulson@13223
   219
paulson@13223
   220
lemma (in reflection) All_reflection_0:
paulson@13223
   221
     "Reflects(Cl,P0,Q0) 
paulson@13563
   222
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x.~P0(x), a), 
paulson@13223
   223
                   \<lambda>x. \<forall>z. M(z) --> P0(<x,z>), 
paulson@13223
   224
                   \<lambda>a x. \<forall>z\<in>Mset(a). Q0(a,<x,z>))" 
paulson@13223
   225
apply (simp only: all_iff_not_ex_not ball_iff_not_bex_not) 
paulson@13223
   226
apply (rule Not_reflection, drule Not_reflection, simp) 
paulson@13223
   227
apply (erule Ex_reflection_0)
paulson@13223
   228
done
paulson@13223
   229
paulson@13223
   230
theorem (in reflection) Ex_reflection [intro]:
paulson@13223
   231
     "Reflects(Cl, \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x))) 
paulson@13563
   232
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. P(fst(x),snd(x)), a), 
paulson@13563
   233
                   \<lambda>x. \<exists>z. M(z) & P(x,z), 
paulson@13223
   234
                   \<lambda>a x. \<exists>z\<in>Mset(a). Q(a,x,z))"
paulson@13223
   235
by (rule Ex_reflection_0 [of _ " \<lambda>x. P(fst(x),snd(x))" 
paulson@13223
   236
                               "\<lambda>a x. Q(a,fst(x),snd(x))", simplified])
paulson@13223
   237
paulson@13223
   238
theorem (in reflection) All_reflection [intro]:
paulson@13223
   239
     "Reflects(Cl,  \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x)))
paulson@13563
   240
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. ~P(fst(x),snd(x)), a), 
paulson@13223
   241
                   \<lambda>x. \<forall>z. M(z) --> P(x,z), 
paulson@13223
   242
                   \<lambda>a x. \<forall>z\<in>Mset(a). Q(a,x,z))" 
paulson@13223
   243
by (rule All_reflection_0 [of _ "\<lambda>x. P(fst(x),snd(x))" 
paulson@13223
   244
                                "\<lambda>a x. Q(a,fst(x),snd(x))", simplified])
paulson@13223
   245
paulson@13292
   246
text{*And again, this time using class-bounded quantifiers*}
paulson@13292
   247
paulson@13292
   248
theorem (in reflection) Rex_reflection [intro]:
paulson@13292
   249
     "Reflects(Cl, \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x))) 
paulson@13563
   250
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. P(fst(x),snd(x)), a), 
paulson@13292
   251
                   \<lambda>x. \<exists>z[M]. P(x,z), 
paulson@13292
   252
                   \<lambda>a x. \<exists>z\<in>Mset(a). Q(a,x,z))"
paulson@13292
   253
by (unfold rex_def, blast) 
paulson@13292
   254
paulson@13292
   255
theorem (in reflection) Rall_reflection [intro]:
paulson@13292
   256
     "Reflects(Cl,  \<lambda>x. P(fst(x),snd(x)), \<lambda>a x. Q(a,fst(x),snd(x)))
paulson@13563
   257
      ==> Reflects(\<lambda>a. Cl(a) & ClEx(\<lambda>x. ~P(fst(x),snd(x)), a), 
paulson@13292
   258
                   \<lambda>x. \<forall>z[M]. P(x,z), 
paulson@13292
   259
                   \<lambda>a x. \<forall>z\<in>Mset(a). Q(a,x,z))" 
paulson@13292
   260
by (unfold rall_def, blast) 
paulson@13292
   261
paulson@13292
   262
paulson@13223
   263
text{*No point considering bounded quantifiers, where reflection is trivial.*}
paulson@13223
   264
paulson@13223
   265
paulson@13223
   266
subsection{*Simple Examples of Reflection*}
paulson@13223
   267
paulson@13223
   268
text{*Example 1: reflecting a simple formula.  The reflecting class is first
paulson@13223
   269
given as the variable @{text ?Cl} and later retrieved from the final 
paulson@13223
   270
proof state.*}
wenzelm@36319
   271
schematic_lemma (in reflection) 
paulson@13223
   272
     "Reflects(?Cl,
paulson@13563
   273
               \<lambda>x. \<exists>y. M(y) & x \<in> y, 
paulson@13223
   274
               \<lambda>a x. \<exists>y\<in>Mset(a). x \<in> y)"
paulson@13223
   275
by fast
paulson@13223
   276
paulson@13223
   277
text{*Problem here: there needs to be a conjunction (class intersection)
paulson@13223
   278
in the class of reflecting ordinals.  The @{term "Ord(a)"} is redundant,
paulson@13223
   279
though harmless.*}
paulson@13223
   280
lemma (in reflection) 
paulson@13563
   281
     "Reflects(\<lambda>a. Ord(a) & ClEx(\<lambda>x. fst(x) \<in> snd(x), a),   
paulson@13563
   282
               \<lambda>x. \<exists>y. M(y) & x \<in> y, 
paulson@13223
   283
               \<lambda>a x. \<exists>y\<in>Mset(a). x \<in> y)" 
paulson@13223
   284
by fast
paulson@13223
   285
paulson@13223
   286
paulson@13223
   287
text{*Example 2*}
wenzelm@36319
   288
schematic_lemma (in reflection) 
paulson@13223
   289
     "Reflects(?Cl,
paulson@13563
   290
               \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) --> z \<subseteq> x --> z \<in> y), 
paulson@13223
   291
               \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<subseteq> x --> z \<in> y)" 
paulson@13223
   292
by fast
paulson@13223
   293
paulson@13223
   294
text{*Example 2'.  We give the reflecting class explicitly. *}
paulson@13223
   295
lemma (in reflection) 
paulson@13223
   296
  "Reflects
paulson@13563
   297
    (\<lambda>a. (Ord(a) &
paulson@13563
   298
          ClEx(\<lambda>x. ~ (snd(x) \<subseteq> fst(fst(x)) --> snd(x) \<in> snd(fst(x))), a)) &
paulson@13223
   299
          ClEx(\<lambda>x. \<forall>z. M(z) --> z \<subseteq> fst(x) --> z \<in> snd(x), a),
wenzelm@32960
   300
            \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) --> z \<subseteq> x --> z \<in> y), 
wenzelm@32960
   301
            \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<subseteq> x --> z \<in> y)" 
paulson@13223
   302
by fast
paulson@13223
   303
paulson@13223
   304
text{*Example 2''.  We expand the subset relation.*}
wenzelm@36319
   305
schematic_lemma (in reflection) 
paulson@13223
   306
  "Reflects(?Cl,
paulson@13563
   307
        \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) --> (\<forall>w. M(w) --> w\<in>z --> w\<in>x) --> z\<in>y),
paulson@13223
   308
        \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). (\<forall>w\<in>Mset(a). w\<in>z --> w\<in>x) --> z\<in>y)"
paulson@13223
   309
by fast
paulson@13223
   310
paulson@13223
   311
text{*Example 2'''.  Single-step version, to reveal the reflecting class.*}
wenzelm@36319
   312
schematic_lemma (in reflection) 
paulson@13223
   313
     "Reflects(?Cl,
paulson@13563
   314
               \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) --> z \<subseteq> x --> z \<in> y), 
paulson@13223
   315
               \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<subseteq> x --> z \<in> y)" 
paulson@13223
   316
apply (rule Ex_reflection) 
paulson@13223
   317
txt{*
paulson@13223
   318
@{goals[display,indent=0,margin=60]}
paulson@13223
   319
*}
paulson@13223
   320
apply (rule All_reflection) 
paulson@13223
   321
txt{*
paulson@13223
   322
@{goals[display,indent=0,margin=60]}
paulson@13223
   323
*}
paulson@13223
   324
apply (rule Triv_reflection) 
paulson@13223
   325
txt{*
paulson@13223
   326
@{goals[display,indent=0,margin=60]}
paulson@13223
   327
*}
paulson@13223
   328
done
paulson@13223
   329
paulson@13223
   330
text{*Example 3.  Warning: the following examples make sense only
paulson@13223
   331
if @{term P} is quantifier-free, since it is not being relativized.*}
wenzelm@36319
   332
schematic_lemma (in reflection) 
paulson@13223
   333
     "Reflects(?Cl,
paulson@13563
   334
               \<lambda>x. \<exists>y. M(y) & (\<forall>z. M(z) --> z \<in> y <-> z \<in> x & P(z)), 
paulson@13563
   335
               \<lambda>a x. \<exists>y\<in>Mset(a). \<forall>z\<in>Mset(a). z \<in> y <-> z \<in> x & P(z))"
paulson@13223
   336
by fast
paulson@13223
   337
paulson@13223
   338
text{*Example 3'*}
wenzelm@36319
   339
schematic_lemma (in reflection) 
paulson@13223
   340
     "Reflects(?Cl,
paulson@13563
   341
               \<lambda>x. \<exists>y. M(y) & y = Collect(x,P),
paulson@13223
   342
               \<lambda>a x. \<exists>y\<in>Mset(a). y = Collect(x,P))";
paulson@13223
   343
by fast
paulson@13223
   344
paulson@13223
   345
text{*Example 3''*}
wenzelm@36319
   346
schematic_lemma (in reflection) 
paulson@13223
   347
     "Reflects(?Cl,
paulson@13563
   348
               \<lambda>x. \<exists>y. M(y) & y = Replace(x,P),
paulson@13223
   349
               \<lambda>a x. \<exists>y\<in>Mset(a). y = Replace(x,P))";
paulson@13223
   350
by fast
paulson@13223
   351
paulson@13223
   352
text{*Example 4: Axiom of Choice.  Possibly wrong, since @{text \<Pi>} needs
paulson@13223
   353
to be relativized.*}
wenzelm@36319
   354
schematic_lemma (in reflection) 
paulson@13223
   355
     "Reflects(?Cl,
skalberg@14171
   356
               \<lambda>A. 0\<notin>A --> (\<exists>f. M(f) & f \<in> (\<Pi> X \<in> A. X)),
skalberg@14171
   357
               \<lambda>a A. 0\<notin>A --> (\<exists>f\<in>Mset(a). f \<in> (\<Pi> X \<in> A. X)))"
paulson@13223
   358
by fast
paulson@13223
   359
paulson@13223
   360
end
paulson@13223
   361